McAfee reports virtual worlds are cybercrime playgrounds

Cyber-criminals will use every means possible online to take advantage of other users. Security vendor McAfee has identified one relatively new online service that seems to be increasingly popular with criminal activity – virtual worlds.

According to the report a number of different tactics are being used to benefit from these online games. Data stealing seems to be the number one problem right now, with criminals using a whole range of techniques to gather information about other gamers. This includes data stealing software such as keyloggers, taking advantage of poorly implemented scripting in the different games and even phishing attacks.

The main aim of these activities is either to compromise a gamer’s PC or gain access to their game accounts where they can be stripped of anything of value – a sort of virtual burglary.

McAfee concludes in the report that security has clearly been sidelined by game developers due to a need to get their products to market within a set timeframe. Rather than bolting on security at a late stage in development McAfee believe the only way to combat criminal activity in virtual worlds is to include security measures as a core part of a game’s development from the start of a project.

Matthew’s Opinion
I’ve never really thought I may be at risk while playing an MMO, but as with everything else online, if there are flaws in a service then you can guarantee they will be taken advantage of. It must be quite distressing to open you account to find your level 70 character is completely devoid of clothes, has a gold value of zero and dies within seconds of being tagerted by enemy X.

Unlike real-world crime though, it may be possible to get your stuff back depending on how the company providing your gaming experience deals with crimes in their virtual world. Do they act like banks and respond to crime by reimbursing you with what has been lost? I doubt that’s the case at the moment, but as games mature I’m sure it will be a feature they add.

A lot of companies producing MMOs are doing so for the first time and therefore don’t have a great knowledge of the security problems specifically associated with such a service. However, a lot of those companies will now move on to new games, take their knowledge and experience from the previous game, and build more robust systems. Security vendors will also be keen to help for a fee.